DEBIAN-CVE-2005-3357

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2005-3357

Published: 31 Dec 2005, 05:00

Last modified:28 Apr 2026, 20:08

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

31 Dec 2005, 05:00

Published

Vulnerability first disclosed

28 Apr 2026, 20:08

Last Modified

Vulnerability information updated

Description

mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.

Affected Systems

debian•apache2
< 2.0.55-4 | < 2.0.55-4 | < 2.0.55-4 | < 2.0.55-4

References (1)

https://security-tracker.debian.org/tracker/CVE-2005-3357